Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
File: 760b79cf-4b6a-441d-8cec-518fe8e653f9.roa (raw, json)
Hash identifier: QiuADLFYh/QJJzXYxXNBzk2xx+A0x8j0gAqYMQ3blFs=
Subject key identifier: DD:69:15:16:B8:A5:52:50:DD:91:5E:94:6E:E2:CD:85:3F:4C:FA:2B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44C8AAE4AF1534766DEF23495D8BA6EEDF713478
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:c8:aa:e4:af:15:34:76:6d:ef:23:49:5d:8b:a6:ee:df:71:34:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:05:63:7c:5f:aa:63:d0:a6:b3:3b:cc:58:50:
c8:f2:b8:32:1b:b3:f0:c1:05:cb:8d:9f:b8:d0:aa:
42:11:80:fa:63:6a:34:d1:a7:2e:96:c8:d0:7c:30:
76:68:12:6c:99:19:71:73:02:09:d1:f2:d6:48:5c:
43:69:33:5b:d2:75:6c:9d:0c:c4:62:3f:ab:f5:e7:
f0:3e:88:17:4c:37:0b:82:5d:35:19:f9:14:2d:b1:
3c:9f:df:33:7c:0e:c6:81:95:b5:c3:0d:d7:50:04:
eb:cb:32:ef:f4:f9:9e:f7:89:86:19:f3:9d:3e:ad:
a5:fc:00:2b:45:7d:71:34:fd:ff:bf:32:0a:8a:d3:
69:b3:5f:f8:d5:9e:04:8a:cc:2a:b2:28:8e:45:d9:
3c:75:dd:32:be:f7:e2:fe:ff:bb:a8:fe:c1:fd:8d:
02:fa:d3:20:43:77:09:b7:23:fa:82:72:75:5f:6a:
3a:14:8e:6c:e6:27:7c:5b:20:8a:ca:84:9b:3c:ca:
ab:c4:80:3a:9c:1f:90:d7:d1:b0:a9:1f:5b:b4:6e:
a7:d8:02:1f:d4:ce:69:b8:c6:a2:f5:30:dd:b8:da:
03:09:bd:c9:0e:11:03:1b:f2:93:5c:c4:b6:ab:b6:
dd:d4:02:08:0c:9a:89:93:5f:f0:58:11:ed:40:87:
a5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:69:15:16:B8:A5:52:50:DD:91:5E:94:6E:E2:CD:85:3F:4C:FA:2B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:63:bb:2d:b3:78:71:23:8e:12:7c:04:68:2e:12:75:85:09:
e3:8f:2a:6a:7f:a4:5b:0f:86:fe:93:cd:c7:ae:e0:34:7c:fc:
bd:0a:8b:1e:ad:1e:dc:06:da:bc:65:2b:b5:1e:e0:1b:c5:ea:
85:84:93:ce:10:71:33:88:6b:af:67:b7:fe:6e:7c:54:09:8c:
12:6b:f1:41:19:3e:05:0d:a2:6d:a5:d3:9d:3b:00:bd:bd:36:
89:d3:b4:cc:17:32:c7:ff:0c:d2:10:16:da:61:3b:ed:23:c8:
37:91:3a:ff:99:4d:4c:06:c5:f1:7f:29:6f:4d:c2:1b:ee:58:
59:14:14:d7:c4:47:06:44:1b:dc:2d:4e:f5:30:2b:7a:d1:d1:
c2:c8:f4:0f:bf:4d:8e:69:bd:10:c3:e3:0f:e0:e9:97:70:3e:
d9:9e:51:b6:5a:31:89:49:32:16:02:86:fe:5b:74:94:ce:d6:
f9:e4:4f:91:c6:6c:f8:50:bf:90:a0:83:29:84:37:91:28:64:
7a:b6:0a:d7:03:b2:d1:c0:f2:60:ac:46:0b:d4:b3:9c:b6:16:
35:a0:f3:46:b4:2c:45:37:96:c3:12:cd:2d:8e:8c:0a:a2:09:
11:91:f9:c7:7c:7b:2c:1e:6b:b2:4c:4b:0b:15:19:f2:a4:82:
af:b7:5d:2b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURMiq5K8VNHZt7yNJXYum7t9xNHgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3YmJhNzk5ZjQ5MDA1MWUwMTlmYTUyNDkwOWM1ZjdjYzU1OGI2MWU4YzEy
NDJmZjE1MDIwNjI5NjBiNDU0MTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUFY3xfqmPQprM7zFhQyPK4Mhuz8MEFy42fuNCqQhGA+mNqNNGnLpbI0Hww
dmgSbJkZcXMCCdHy1khcQ2kzW9J1bJ0MxGI/q/Xn8D6IF0w3C4JdNRn5FC2xPJ/f
M3wOxoGVtcMN11AE68sy7/T5nveJhhnznT6tpfwAK0V9cTT9/78yCorTabNf+NWe
BIrMKrIojkXZPHXdMr734v7/u6j+wf2NAvrTIEN3Cbcj+oJydV9qOhSObOYnfFsg
isqEmzzKq8SAOpwfkNfRsKkfW7Rup9gCH9TOabjGovUw3bjaAwm9yQ4RAxvyk1zE
tqu23dQCCAyaiZNf8FgR7UCHpbcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTdaRUW
uKVSUN2RXpRu4s2FP0z6KzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzYwYjc5Y2YtNGI2YS00NDFkLThjZWMtNTE4ZmU4ZTY1M2Y5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQB0Y7sts3hxI44SfARoLhJ1hQnjjypqf6RbD4b+k83H
ruA0fPy9CoserR7cBtq8ZSu1HuAbxeqFhJPOEHEziGuvZ7f+bnxUCYwSa/FBGT4F
DaJtpdOdOwC9vTaJ07TMFzLH/wzSEBbaYTvtI8g3kTr/mU1MBsXxfylvTcIb7lhZ
FBTXxEcGRBvcLU71MCt60dHCyPQPv02Oab0Qw+MP4OmXcD7ZnlG2WjGJSTIWAob+
W3SUztb55E+Rxmz4UL+QoIMphDeRKGR6tgrXA7LRwPJgrEYL1LOcthY1oPNGtCxF
N5bDEs0tjowKogkRkfnHfHssHmuyTEsLFRnypIKvt10r
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:42:16 2025 by rpki-client